basic-auth-connect's callback uses time unsafe string comparison
basic-auth-connect <1.1.0 uses a timing-unsafe equality comparison that can leak timing information
Advisories for Npm/Basic-Auth-Connect package
2024
basic-auth-connect <1.1.0 uses a timing-unsafe equality comparison that can leak timing information